Medium severity 6.1 · NVD Advisory · Published Apr 13, 2017 · Updated May 13, 2026
CVE-2017-7725
Description
concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "canonical" URL on installation of concrete5 using the "Advanced Options" settings. Remote attackers can make a GET request with any domain name in the Host header; this is stored and allows for arbitrary domains to be set for certain links displayed to subsequent visitors, potentially an XSS vector.
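
A minimal model of the behaviour described above, added here as an illustration and not taken from concrete5 or from the advisory: a page cache keyed by path only, with a link base built from the Host header beside one fixed to a configured canonical URL. The function names, hostnames and the cache itself are constructed for the example.

```php
<?php
declare(strict_types=1);

// Hypothetical canonical URL; the flaw applies when none has been defined.
const CANONICAL_URL = 'https://www.example.test';

/** Weak: the link base comes straight from the client-supplied Host header. */
function baseUrlFromHost(array $server): ?string
{
    return 'http://' . ($server['HTTP_HOST'] ?? 'localhost');
}

/** Hardened: the link base is fixed configuration; unknown hosts are rejected. */
function baseUrlCanonical(array $server): ?string
{
    $expected = parse_url(CANONICAL_URL, PHP_URL_HOST);
    $host = strtolower($server['HTTP_HOST'] ?? '');
    $host = preg_replace('/:\d+$/', '', $host);   // ignore an optional port
    return $host === $expected ? CANONICAL_URL : null;
}

/** Constructed full-page cache keyed by path only, so Host is not part of the key. */
function servePage(array &$cache, array $server, callable $baseUrl): string
{
    $path = $server['REQUEST_URI'];
    if (isset($cache[$path])) {
        return $cache[$path];                     // cache hit: Host is never looked at again
    }
    $base = $baseUrl($server);
    if ($base === null) {
        return '400 Bad Request';                 // not rendered and not cached
    }
    $html = '<a href="' . htmlspecialchars($base . '/login', ENT_QUOTES) . '">Log in</a>';
    return $cache[$path] = $html;
}

// Constructed requests: the first carries an unexpected Host, the second is a normal visitor.
$first   = ['HTTP_HOST' => 'other.example.net', 'REQUEST_URI' => '/'];
$visitor = ['HTTP_HOST' => 'www.example.test',  'REQUEST_URI' => '/'];

foreach (['weak' => 'baseUrlFromHost', 'hardened' => 'baseUrlCanonical'] as $label => $fn) {
    $cache = [];
    servePage($cache, $first, $fn);               // first request fills (or fails to fill) the cache
    echo $label, ': ', servePage($cache, $visitor, $fn), PHP_EOL;
}
```

In the weak run the later visitor receives the link stored from the first request's Host value; in the hardened run the first request is refused before anything is cached.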
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| concrete5/concrete5 (Packagist) | <= 8.1.0 | — |
Affected products
- cpe:2.3:a:concretecms:concrete_cms:8.1.0:*:*:*:*:*:*:*
Patches
No patches discovered yet.
References
- hyp3rlinx.altervista.org/advisories/CONCRETE5-v8.1.0-HOST-HEADER-INJECTION.txt (nvd; Exploit, Third Party Advisory, WEB)
- hackerone.com/reports/148300 (nvd; Exploit, Third Party Advisory, VDB Entry, WEB)
- packetstormsecurity.com/files/142145/concrete5-8.1.0-Host-Header-Injection.html (nvd; Exploit, Third Party Advisory, VDB Entry, WEB)
- www.exploit-db.com/exploits/41885/ (nvd; Exploit, Third Party Advisory, VDB Entry)
- www.securityfocus.com/bid/97649 (nvd; Third Party Advisory, VDB Entry)
- github.com/advisories/GHSA-2mvg-c6mg-3q63 (ghsa; ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2017-7725 (ghsa; ADVISORY)
- web.archive.org/web/20210124030008/https://www.securityfocus.com/bid/97649 (ghsa; WEB)
- www.exploit-db.com/exploits/41885 (ghsa; WEB)